Config.php 27 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709
  1. <?php
  2. /**
  3. * Configuration object that triggers customizable behavior.
  4. *
  5. * @warning This class is strongly defined: that means that the class
  6. * will fail if an undefined directive is retrieved or set.
  7. *
  8. * @note Many classes that could (although many times don't) use the
  9. * configuration object make it a mandatory parameter. This is
  10. * because a configuration object should always be forwarded,
  11. * otherwise, you run the risk of missing a parameter and then
  12. * being stumped when a configuration directive doesn't work.
  13. *
  14. * @todo Reconsider some of the public member variables
  15. */
  16. class HTMLPurifier_Config
  17. {
  18. /**
  19. * HTML Purifier's version
  20. */
  21. public $version = '4.2.0';
  22. /**
  23. * Bool indicator whether or not to automatically finalize
  24. * the object if a read operation is done
  25. */
  26. public $autoFinalize = true;
  27. // protected member variables
  28. /**
  29. * Namespace indexed array of serials for specific namespaces (see
  30. * getSerial() for more info).
  31. */
  32. protected $serials = array();
  33. /**
  34. * Serial for entire configuration object
  35. */
  36. protected $serial;
  37. /**
  38. * Parser for variables
  39. */
  40. protected $parser;
  41. /**
  42. * Reference HTMLPurifier_ConfigSchema for value checking
  43. * @note This is public for introspective purposes. Please don't
  44. * abuse!
  45. */
  46. public $def;
  47. /**
  48. * Indexed array of definitions
  49. */
  50. protected $definitions;
  51. /**
  52. * Bool indicator whether or not config is finalized
  53. */
  54. protected $finalized = false;
  55. /**
  56. * Property list containing configuration directives.
  57. */
  58. protected $plist;
  59. /**
  60. * Whether or not a set is taking place due to an
  61. * alias lookup.
  62. */
  63. private $aliasMode;
  64. /**
  65. * Set to false if you do not want line and file numbers in errors
  66. * (useful when unit testing). This will also compress some errors
  67. * and exceptions.
  68. */
  69. public $chatty = true;
  70. /**
  71. * Current lock; only gets to this namespace are allowed.
  72. */
  73. private $lock;
  74. /**
  75. * @param $definition HTMLPurifier_ConfigSchema that defines what directives
  76. * are allowed.
  77. */
  78. public function __construct($definition, $parent = null) {
  79. $parent = $parent ? $parent : $definition->defaultPlist;
  80. $this->plist = new HTMLPurifier_PropertyList($parent);
  81. $this->def = $definition; // keep a copy around for checking
  82. $this->parser = new HTMLPurifier_VarParser_Flexible();
  83. }
  84. /**
  85. * Convenience constructor that creates a config object based on a mixed var
  86. * @param mixed $config Variable that defines the state of the config
  87. * object. Can be: a HTMLPurifier_Config() object,
  88. * an array of directives based on loadArray(),
  89. * or a string filename of an ini file.
  90. * @param HTMLPurifier_ConfigSchema Schema object
  91. * @return Configured HTMLPurifier_Config object
  92. */
  93. public static function create($config, $schema = null) {
  94. if ($config instanceof HTMLPurifier_Config) {
  95. // pass-through
  96. return $config;
  97. }
  98. if (!$schema) {
  99. $ret = HTMLPurifier_Config::createDefault();
  100. } else {
  101. $ret = new HTMLPurifier_Config($schema);
  102. }
  103. if (is_string($config)) $ret->loadIni($config);
  104. elseif (is_array($config)) $ret->loadArray($config);
  105. return $ret;
  106. }
  107. /**
  108. * Creates a new config object that inherits from a previous one.
  109. * @param HTMLPurifier_Config $config Configuration object to inherit
  110. * from.
  111. * @return HTMLPurifier_Config object with $config as its parent.
  112. */
  113. public static function inherit(HTMLPurifier_Config $config) {
  114. return new HTMLPurifier_Config($config->def, $config->plist);
  115. }
  116. /**
  117. * Convenience constructor that creates a default configuration object.
  118. * @return Default HTMLPurifier_Config object.
  119. */
  120. public static function createDefault() {
  121. $definition = HTMLPurifier_ConfigSchema::instance();
  122. $config = new HTMLPurifier_Config($definition);
  123. return $config;
  124. }
  125. /**
  126. * Retreives a value from the configuration.
  127. * @param $key String key
  128. */
  129. public function get($key, $a = null) {
  130. if ($a !== null) {
  131. $this->triggerError("Using deprecated API: use \$config->get('$key.$a') instead", E_USER_WARNING);
  132. $key = "$key.$a";
  133. }
  134. if (!$this->finalized) $this->autoFinalize();
  135. if (!isset($this->def->info[$key])) {
  136. // can't add % due to SimpleTest bug
  137. $this->triggerError('Cannot retrieve value of undefined directive ' . htmlspecialchars($key),
  138. E_USER_WARNING);
  139. return;
  140. }
  141. if (isset($this->def->info[$key]->isAlias)) {
  142. $d = $this->def->info[$key];
  143. $this->triggerError('Cannot get value from aliased directive, use real name ' . $d->key,
  144. E_USER_ERROR);
  145. return;
  146. }
  147. if ($this->lock) {
  148. list($ns) = explode('.', $key);
  149. if ($ns !== $this->lock) {
  150. $this->triggerError('Cannot get value of namespace ' . $ns . ' when lock for ' . $this->lock . ' is active, this probably indicates a Definition setup method is accessing directives that are not within its namespace', E_USER_ERROR);
  151. return;
  152. }
  153. }
  154. return $this->plist->get($key);
  155. }
  156. /**
  157. * Retreives an array of directives to values from a given namespace
  158. * @param $namespace String namespace
  159. */
  160. public function getBatch($namespace) {
  161. if (!$this->finalized) $this->autoFinalize();
  162. $full = $this->getAll();
  163. if (!isset($full[$namespace])) {
  164. $this->triggerError('Cannot retrieve undefined namespace ' . htmlspecialchars($namespace),
  165. E_USER_WARNING);
  166. return;
  167. }
  168. return $full[$namespace];
  169. }
  170. /**
  171. * Returns a md5 signature of a segment of the configuration object
  172. * that uniquely identifies that particular configuration
  173. * @note Revision is handled specially and is removed from the batch
  174. * before processing!
  175. * @param $namespace Namespace to get serial for
  176. */
  177. public function getBatchSerial($namespace) {
  178. if (empty($this->serials[$namespace])) {
  179. $batch = $this->getBatch($namespace);
  180. unset($batch['DefinitionRev']);
  181. $this->serials[$namespace] = md5(serialize($batch));
  182. }
  183. return $this->serials[$namespace];
  184. }
  185. /**
  186. * Returns a md5 signature for the entire configuration object
  187. * that uniquely identifies that particular configuration
  188. */
  189. public function getSerial() {
  190. if (empty($this->serial)) {
  191. $this->serial = md5(serialize($this->getAll()));
  192. }
  193. return $this->serial;
  194. }
  195. /**
  196. * Retrieves all directives, organized by namespace
  197. * @warning This is a pretty inefficient function, avoid if you can
  198. */
  199. public function getAll() {
  200. if (!$this->finalized) $this->autoFinalize();
  201. $ret = array();
  202. foreach ($this->plist->squash() as $name => $value) {
  203. list($ns, $key) = explode('.', $name, 2);
  204. $ret[$ns][$key] = $value;
  205. }
  206. return $ret;
  207. }
  208. /**
  209. * Sets a value to configuration.
  210. * @param $key String key
  211. * @param $value Mixed value
  212. */
  213. public function set($key, $value, $a = null) {
  214. if (strpos($key, '.') === false) {
  215. $namespace = $key;
  216. $directive = $value;
  217. $value = $a;
  218. $key = "$key.$directive";
  219. $this->triggerError("Using deprecated API: use \$config->set('$key', ...) instead", E_USER_NOTICE);
  220. } else {
  221. list($namespace) = explode('.', $key);
  222. }
  223. if ($this->isFinalized('Cannot set directive after finalization')) return;
  224. if (!isset($this->def->info[$key])) {
  225. $this->triggerError('Cannot set undefined directive ' . htmlspecialchars($key) . ' to value',
  226. E_USER_WARNING);
  227. return;
  228. }
  229. $def = $this->def->info[$key];
  230. if (isset($def->isAlias)) {
  231. if ($this->aliasMode) {
  232. $this->triggerError('Double-aliases not allowed, please fix '.
  233. 'ConfigSchema bug with' . $key, E_USER_ERROR);
  234. return;
  235. }
  236. $this->aliasMode = true;
  237. $this->set($def->key, $value);
  238. $this->aliasMode = false;
  239. $this->triggerError("$key is an alias, preferred directive name is {$def->key}", E_USER_NOTICE);
  240. return;
  241. }
  242. // Raw type might be negative when using the fully optimized form
  243. // of stdclass, which indicates allow_null == true
  244. $rtype = is_int($def) ? $def : $def->type;
  245. if ($rtype < 0) {
  246. $type = -$rtype;
  247. $allow_null = true;
  248. } else {
  249. $type = $rtype;
  250. $allow_null = isset($def->allow_null);
  251. }
  252. try {
  253. $value = $this->parser->parse($value, $type, $allow_null);
  254. } catch (HTMLPurifier_VarParserException $e) {
  255. $this->triggerError('Value for ' . $key . ' is of invalid type, should be ' . HTMLPurifier_VarParser::getTypeName($type), E_USER_WARNING);
  256. return;
  257. }
  258. if (is_string($value) && is_object($def)) {
  259. // resolve value alias if defined
  260. if (isset($def->aliases[$value])) {
  261. $value = $def->aliases[$value];
  262. }
  263. // check to see if the value is allowed
  264. if (isset($def->allowed) && !isset($def->allowed[$value])) {
  265. $this->triggerError('Value not supported, valid values are: ' .
  266. $this->_listify($def->allowed), E_USER_WARNING);
  267. return;
  268. }
  269. }
  270. $this->plist->set($key, $value);
  271. // reset definitions if the directives they depend on changed
  272. // this is a very costly process, so it's discouraged
  273. // with finalization
  274. if ($namespace == 'HTML' || $namespace == 'CSS' || $namespace == 'URI') {
  275. $this->definitions[$namespace] = null;
  276. }
  277. $this->serials[$namespace] = false;
  278. }
  279. /**
  280. * Convenience function for error reporting
  281. */
  282. private function _listify($lookup) {
  283. $list = array();
  284. foreach ($lookup as $name => $b) $list[] = $name;
  285. return implode(', ', $list);
  286. }
  287. /**
  288. * Retrieves object reference to the HTML definition.
  289. * @param $raw Return a copy that has not been setup yet. Must be
  290. * called before it's been setup, otherwise won't work.
  291. * @param $optimized If true, this method may return null, to
  292. * indicate that a cached version of the modified
  293. * definition object is available and no further edits
  294. * are necessary. Consider using
  295. * maybeGetRawHTMLDefinition, which is more explicitly
  296. * named, instead.
  297. */
  298. public function getHTMLDefinition($raw = false, $optimized = false) {
  299. return $this->getDefinition('HTML', $raw, $optimized);
  300. }
  301. /**
  302. * Retrieves object reference to the CSS definition
  303. * @param $raw Return a copy that has not been setup yet. Must be
  304. * called before it's been setup, otherwise won't work.
  305. * @param $optimized If true, this method may return null, to
  306. * indicate that a cached version of the modified
  307. * definition object is available and no further edits
  308. * are necessary. Consider using
  309. * maybeGetRawCSSDefinition, which is more explicitly
  310. * named, instead.
  311. */
  312. public function getCSSDefinition($raw = false, $optimized = false) {
  313. return $this->getDefinition('CSS', $raw, $optimized);
  314. }
  315. /**
  316. * Retrieves object reference to the URI definition
  317. * @param $raw Return a copy that has not been setup yet. Must be
  318. * called before it's been setup, otherwise won't work.
  319. * @param $optimized If true, this method may return null, to
  320. * indicate that a cached version of the modified
  321. * definition object is available and no further edits
  322. * are necessary. Consider using
  323. * maybeGetRawURIDefinition, which is more explicitly
  324. * named, instead.
  325. */
  326. public function getURIDefinition($raw = false, $optimized = false) {
  327. return $this->getDefinition('URI', $raw, $optimized);
  328. }
  329. /**
  330. * Retrieves a definition
  331. * @param $type Type of definition: HTML, CSS, etc
  332. * @param $raw Whether or not definition should be returned raw
  333. * @param $optimized Only has an effect when $raw is true. Whether
  334. * or not to return null if the result is already present in
  335. * the cache. This is off by default for backwards
  336. * compatibility reasons, but you need to do things this
  337. * way in order to ensure that caching is done properly.
  338. * Check out enduser-customize.html for more details.
  339. * We probably won't ever change this default, as much as the
  340. * maybe semantics is the "right thing to do."
  341. */
  342. public function getDefinition($type, $raw = false, $optimized = false) {
  343. if ($optimized && !$raw) {
  344. throw new HTMLPurifier_Exception("Cannot set optimized = true when raw = false");
  345. }
  346. if (!$this->finalized) $this->autoFinalize();
  347. // temporarily suspend locks, so we can handle recursive definition calls
  348. $lock = $this->lock;
  349. $this->lock = null;
  350. $factory = HTMLPurifier_DefinitionCacheFactory::instance();
  351. $cache = $factory->create($type, $this);
  352. $this->lock = $lock;
  353. if (!$raw) {
  354. // full definition
  355. // ---------------
  356. // check if definition is in memory
  357. if (!empty($this->definitions[$type])) {
  358. $def = $this->definitions[$type];
  359. // check if the definition is setup
  360. if ($def->setup) {
  361. return $def;
  362. } else {
  363. $def->setup($this);
  364. if ($def->optimized) $cache->add($def, $this);
  365. return $def;
  366. }
  367. }
  368. // check if definition is in cache
  369. $def = $cache->get($this);
  370. if ($def) {
  371. // definition in cache, save to memory and return it
  372. $this->definitions[$type] = $def;
  373. return $def;
  374. }
  375. // initialize it
  376. $def = $this->initDefinition($type);
  377. // set it up
  378. $this->lock = $type;
  379. $def->setup($this);
  380. $this->lock = null;
  381. // save in cache
  382. $cache->add($def, $this);
  383. // return it
  384. return $def;
  385. } else {
  386. // raw definition
  387. // --------------
  388. // check preconditions
  389. $def = null;
  390. if ($optimized) {
  391. if (is_null($this->get($type . '.DefinitionID'))) {
  392. // fatally error out if definition ID not set
  393. throw new HTMLPurifier_Exception("Cannot retrieve raw version without specifying %$type.DefinitionID");
  394. }
  395. }
  396. if (!empty($this->definitions[$type])) {
  397. $def = $this->definitions[$type];
  398. if ($def->setup && !$optimized) {
  399. $extra = $this->chatty ? " (try moving this code block earlier in your initialization)" : "";
  400. throw new HTMLPurifier_Exception("Cannot retrieve raw definition after it has already been setup" . $extra);
  401. }
  402. if ($def->optimized === null) {
  403. $extra = $this->chatty ? " (try flushing your cache)" : "";
  404. throw new HTMLPurifier_Exception("Optimization status of definition is unknown" . $extra);
  405. }
  406. if ($def->optimized !== $optimized) {
  407. $msg = $optimized ? "optimized" : "unoptimized";
  408. $extra = $this->chatty ? " (this backtrace is for the first inconsistent call, which was for a $msg raw definition)" : "";
  409. throw new HTMLPurifier_Exception("Inconsistent use of optimized and unoptimized raw definition retrievals" . $extra);
  410. }
  411. }
  412. // check if definition was in memory
  413. if ($def) {
  414. if ($def->setup) {
  415. // invariant: $optimized === true (checked above)
  416. return null;
  417. } else {
  418. return $def;
  419. }
  420. }
  421. // if optimized, check if definition was in cache
  422. // (because we do the memory check first, this formulation
  423. // is prone to cache slamming, but I think
  424. // guaranteeing that either /all/ of the raw
  425. // setup code or /none/ of it is run is more important.)
  426. if ($optimized) {
  427. // This code path only gets run once; once we put
  428. // something in $definitions (which is guaranteed by the
  429. // trailing code), we always short-circuit above.
  430. $def = $cache->get($this);
  431. if ($def) {
  432. // save the full definition for later, but don't
  433. // return it yet
  434. $this->definitions[$type] = $def;
  435. return null;
  436. }
  437. }
  438. // check invariants for creation
  439. if (!$optimized) {
  440. if (!is_null($this->get($type . '.DefinitionID'))) {
  441. if ($this->chatty) {
  442. $this->triggerError("Due to a documentation error in previous version of HTML Purifier, your definitions are not being cached. If this is OK, you can remove the %$type.DefinitionRev and %$type.DefinitionID declaration. Otherwise, modify your code to use maybeGetRawDefinition, and test if the returned value is null before making any edits (if it is null, that means that a cached version is available, and no raw operations are necessary). See <a href='http://htmlpurifier.org/docs/enduser-customize.html#optimized'>Customize</a> for more details", E_USER_WARNING);
  443. } else {
  444. $this->triggerError("Useless DefinitionID declaration", E_USER_WARNING);
  445. }
  446. }
  447. }
  448. // initialize it
  449. $def = $this->initDefinition($type);
  450. $def->optimized = $optimized;
  451. return $def;
  452. }
  453. throw new HTMLPurifier_Exception("The impossible happened!");
  454. }
  455. private function initDefinition($type) {
  456. // quick checks failed, let's create the object
  457. if ($type == 'HTML') {
  458. $def = new HTMLPurifier_HTMLDefinition();
  459. } elseif ($type == 'CSS') {
  460. $def = new HTMLPurifier_CSSDefinition();
  461. } elseif ($type == 'URI') {
  462. $def = new HTMLPurifier_URIDefinition();
  463. } else {
  464. throw new HTMLPurifier_Exception("Definition of $type type not supported");
  465. }
  466. $this->definitions[$type] = $def;
  467. return $def;
  468. }
  469. public function maybeGetRawDefinition($name) {
  470. return $this->getDefinition($name, true, true);
  471. }
  472. public function maybeGetRawHTMLDefinition() {
  473. return $this->getDefinition('HTML', true, true);
  474. }
  475. public function maybeGetRawCSSDefinition() {
  476. return $this->getDefinition('CSS', true, true);
  477. }
  478. public function maybeGetRawURIDefinition() {
  479. return $this->getDefinition('URI', true, true);
  480. }
  481. /**
  482. * Loads configuration values from an array with the following structure:
  483. * Namespace.Directive => Value
  484. * @param $config_array Configuration associative array
  485. */
  486. public function loadArray($config_array) {
  487. if ($this->isFinalized('Cannot load directives after finalization')) return;
  488. foreach ($config_array as $key => $value) {
  489. $key = str_replace('_', '.', $key);
  490. if (strpos($key, '.') !== false) {
  491. $this->set($key, $value);
  492. } else {
  493. $namespace = $key;
  494. $namespace_values = $value;
  495. foreach ($namespace_values as $directive => $value) {
  496. $this->set($namespace .'.'. $directive, $value);
  497. }
  498. }
  499. }
  500. }
  501. /**
  502. * Returns a list of array(namespace, directive) for all directives
  503. * that are allowed in a web-form context as per an allowed
  504. * namespaces/directives list.
  505. * @param $allowed List of allowed namespaces/directives
  506. */
  507. public static function getAllowedDirectivesForForm($allowed, $schema = null) {
  508. if (!$schema) {
  509. $schema = HTMLPurifier_ConfigSchema::instance();
  510. }
  511. if ($allowed !== true) {
  512. if (is_string($allowed)) $allowed = array($allowed);
  513. $allowed_ns = array();
  514. $allowed_directives = array();
  515. $blacklisted_directives = array();
  516. foreach ($allowed as $ns_or_directive) {
  517. if (strpos($ns_or_directive, '.') !== false) {
  518. // directive
  519. if ($ns_or_directive[0] == '-') {
  520. $blacklisted_directives[substr($ns_or_directive, 1)] = true;
  521. } else {
  522. $allowed_directives[$ns_or_directive] = true;
  523. }
  524. } else {
  525. // namespace
  526. $allowed_ns[$ns_or_directive] = true;
  527. }
  528. }
  529. }
  530. $ret = array();
  531. foreach ($schema->info as $key => $def) {
  532. list($ns, $directive) = explode('.', $key, 2);
  533. if ($allowed !== true) {
  534. if (isset($blacklisted_directives["$ns.$directive"])) continue;
  535. if (!isset($allowed_directives["$ns.$directive"]) && !isset($allowed_ns[$ns])) continue;
  536. }
  537. if (isset($def->isAlias)) continue;
  538. if ($directive == 'DefinitionID' || $directive == 'DefinitionRev') continue;
  539. $ret[] = array($ns, $directive);
  540. }
  541. return $ret;
  542. }
  543. /**
  544. * Loads configuration values from $_GET/$_POST that were posted
  545. * via ConfigForm
  546. * @param $array $_GET or $_POST array to import
  547. * @param $index Index/name that the config variables are in
  548. * @param $allowed List of allowed namespaces/directives
  549. * @param $mq_fix Boolean whether or not to enable magic quotes fix
  550. * @param $schema Instance of HTMLPurifier_ConfigSchema to use, if not global copy
  551. */
  552. public static function loadArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true, $schema = null) {
  553. $ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix, $schema);
  554. $config = HTMLPurifier_Config::create($ret, $schema);
  555. return $config;
  556. }
  557. /**
  558. * Merges in configuration values from $_GET/$_POST to object. NOT STATIC.
  559. * @note Same parameters as loadArrayFromForm
  560. */
  561. public function mergeArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true) {
  562. $ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix, $this->def);
  563. $this->loadArray($ret);
  564. }
  565. /**
  566. * Prepares an array from a form into something usable for the more
  567. * strict parts of HTMLPurifier_Config
  568. */
  569. public static function prepareArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true, $schema = null) {
  570. if ($index !== false) $array = (isset($array[$index]) && is_array($array[$index])) ? $array[$index] : array();
  571. $mq = $mq_fix && function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
  572. $allowed = HTMLPurifier_Config::getAllowedDirectivesForForm($allowed, $schema);
  573. $ret = array();
  574. foreach ($allowed as $key) {
  575. list($ns, $directive) = $key;
  576. $skey = "$ns.$directive";
  577. if (!empty($array["Null_$skey"])) {
  578. $ret[$ns][$directive] = null;
  579. continue;
  580. }
  581. if (!isset($array[$skey])) continue;
  582. $value = $mq ? stripslashes($array[$skey]) : $array[$skey];
  583. $ret[$ns][$directive] = $value;
  584. }
  585. return $ret;
  586. }
  587. /**
  588. * Loads configuration values from an ini file
  589. * @param $filename Name of ini file
  590. */
  591. public function loadIni($filename) {
  592. if ($this->isFinalized('Cannot load directives after finalization')) return;
  593. $array = parse_ini_file($filename, true);
  594. $this->loadArray($array);
  595. }
  596. /**
  597. * Checks whether or not the configuration object is finalized.
  598. * @param $error String error message, or false for no error
  599. */
  600. public function isFinalized($error = false) {
  601. if ($this->finalized && $error) {
  602. $this->triggerError($error, E_USER_ERROR);
  603. }
  604. return $this->finalized;
  605. }
  606. /**
  607. * Finalizes configuration only if auto finalize is on and not
  608. * already finalized
  609. */
  610. public function autoFinalize() {
  611. if ($this->autoFinalize) {
  612. $this->finalize();
  613. } else {
  614. $this->plist->squash(true);
  615. }
  616. }
  617. /**
  618. * Finalizes a configuration object, prohibiting further change
  619. */
  620. public function finalize() {
  621. $this->finalized = true;
  622. unset($this->parser);
  623. }
  624. /**
  625. * Produces a nicely formatted error message by supplying the
  626. * stack frame information OUTSIDE of HTMLPurifier_Config.
  627. */
  628. protected function triggerError($msg, $no) {
  629. // determine previous stack frame
  630. $extra = '';
  631. if ($this->chatty) {
  632. $trace = debug_backtrace();
  633. // zip(tail(trace), trace) -- but PHP is not Haskell har har
  634. for ($i = 0, $c = count($trace); $i < $c - 1; $i++) {
  635. if ($trace[$i + 1]['class'] === 'HTMLPurifier_Config') {
  636. continue;
  637. }
  638. $frame = $trace[$i];
  639. $extra = " invoked on line {$frame['line']} in file {$frame['file']}";
  640. break;
  641. }
  642. }
  643. trigger_error($msg . $extra, $no);
  644. }
  645. /**
  646. * Returns a serialized form of the configuration object that can
  647. * be reconstituted.
  648. */
  649. public function serialize() {
  650. $this->getDefinition('HTML');
  651. $this->getDefinition('CSS');
  652. $this->getDefinition('URI');
  653. return serialize($this);
  654. }
  655. }
  656. // vim: et sw=4 sts=4